CN115185697A - Cluster resource scheduling method, system, equipment and storage medium based on kubernets - Google Patents
Cluster resource scheduling method, system, equipment and storage medium based on kubernets Download PDFInfo
- Publication number
- CN115185697A CN115185697A CN202210944014.3A CN202210944014A CN115185697A CN 115185697 A CN115185697 A CN 115185697A CN 202210944014 A CN202210944014 A CN 202210944014A CN 115185697 A CN115185697 A CN 115185697A
- Authority
- CN
- China
- Prior art keywords
- cluster
- pod
- namespace
- resource
- resource pool
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5083—Techniques for rebalancing the load in a distributed system
Abstract
The invention discloses a cluster resource scheduling method based on kubernets, which comprises the following steps: creating a resource pool, setting labels and taints of the resource pool, and pulling part of cluster nodes in a cluster into the resource pool; creating a tenant, and distributing part of cluster resources to the tenant to become tenant resources; creating a project under the tenant, and distributing partial tenant resources to the project to become project resources; creating a k8s resource Namespace under the project, and distributing part of project resources to the Namespace; creating a workload under the Namespace; monitoring the creation or updating of the Pod by utilizing the dynamic access control in k8s, and setting the label selection and stain tolerance of the Pod according to the Namespace to which the Pod belongs; and the Pod is dispatched to the cluster nodes with the corresponding labels and the taints according to the label selection and the taint tolerance. The invention also discloses a cluster resource scheduling system based on the kubernets. The invention realizes the integral scheduling and management of the cluster resources and can effectively improve the utilization rate of the cluster resources.
Description
Technical Field
The invention relates to the technical field of cloud computing, in particular to a method, a system, equipment and a storage medium for cluster resource scheduling based on kubernets.
Background
k8s, which is totally called kubernets, is abbreviated as k8s and is an abbreviation formed by replacing 8 characters "ubernet" with "8", and k8s is an open-source container arrangement engine, which supports functions of automatic deployment, large-scale scalability, application containerization management and the like, and provides a plurality of mechanisms capable of performing extensible operation on k8s resources, including an authority control plug-in, admission control, extensible resources, automatic scalability, resource quota management and the like.
k8s provides cluster resource management, that is, cluster resources are allocated and managed through k8s resource Namespace, but the problem of low utilization rate of the cluster resources is caused because the cluster resources cannot be integrally scheduled, and how to integrally manage and schedule the cluster resources and improve the utilization rate of the cluster resources is a problem to be solved by technical personnel in the field.
Disclosure of Invention
The invention aims to provide a kubernetes-based cluster resource scheduling method, a kubernetes-based cluster resource scheduling system, kubernetes-based cluster resource scheduling equipment and a kubernetes-based storage medium, and solves the problem that k8s cannot effectively schedule and manage cluster resources, so that the cluster resources cannot be effectively utilized.
In order to solve the technical problem, the invention provides a cluster resource scheduling method based on kubernets, which comprises the following steps:
creating a resource pool, setting labels and taints of the resource pool, and pulling part of cluster nodes in a cluster into the resource pool;
creating a tenant, and allocating cluster resources of part of cluster nodes in the resource pool to the tenant to become tenant resources;
creating a project under a tenant, and distributing partial tenant resources to the project to become project resources;
creating a Namespace under the project, and distributing partial project resources to the Namespace;
creating a workload under the Namespace, setting the cluster resource amount of a workload request, and creating a group of Pod by the workload;
monitoring the creation or updating of the Pod by utilizing the dynamic access control in the K8s, and setting the label selection and stain tolerance of the Pod according to the Namespace to which the Pod belongs;
and the Pod is dispatched to the cluster node with the corresponding label and stain in the resource pool according to the label selection and the stain tolerance, and the cluster resource on the cluster node is used.
Preferably, creating a resource pool, setting a label and a taint of the resource pool, and pulling part of cluster nodes in the cluster into the resource pool, specifically comprising the following steps:
creating a resource pool, and setting labels and taints of the resource pool;
pulling part of cluster nodes in the cluster into a resource pool;
and adding the label and the taint of the resource pool to all cluster nodes pulled into the resource pool.
Preferably, creating a Namespace under the project, and allocating part of project resources to the Namespace, specifically including the following steps:
creating Namespace under the project;
creating ResourceQuota under Namespace, and setting cluster resource quota distributed to Namespace;
and setting the label and the taint of the resource pool to which the cluster resource quota belongs on the annotation of Namespace.
Preferably, the creation or update of the Pod is monitored by using dynamic admission control in the cluster, and the tag selection and the stain tolerance of the Pod are set according to the Namespace to which the Pod belongs, which specifically comprises the following steps:
creating a mutetgowkok configuration and configuring a Webhook address for dynamic admission control;
and the dynamic admission control monitors the creation or the updating of the Pod through an Application Programming Interface (API), and sets the tag selection and the taint tolerance of the Pod according to the tags and the taint in the Namespace note to which the Pod belongs.
Preferably, configuring the Webhook address for dynamic admission control specifically includes: and setting a WebhookAPI interface path called when the Pod is created or updated.
Preferably, the dynamic admission control monitors creation or update of the Pod through an application programming interface API, sets tag selection and taint tolerance of the Pod according to tags and taints in a Namespace annotation to which the Pod belongs, and specifically includes the following steps:
and the dynamic admission control monitors the creation or the update of the Pod through an application programming interface API, acquires the label and the stain of the bound resource pool through the annotation on the Namespace when monitoring the creation or the update of the Pod resource, sets label selection for the Pod and tolerates the stain as the label selection and the stain tolerance of the Pod.
The invention also provides a system for implementing the kubernets-based cluster resource scheduling method, which comprises the following steps:
the user management module is used for authenticating the role and the authority of the user, and managing the tenant and the project in the system, and the tenant and the project to which the user belongs;
the resource management module is used for managing the tenant, the project, the cluster resource quota of the Namespace and the resource pool;
and the Webhook module is used for monitoring the creation or update of the Pod, acquiring the tag and the stain of the bound resource pool through the annotation on the Namespace, and setting tag selection and stain tolerance for the Pod.
The present invention also provides a computer apparatus comprising:
at least one processor;
and a memory, wherein the memory stores a computer program, and wherein the processor implements the steps of the kubernets-based cluster resource scheduling method when executing the computer program.
The present invention further provides a computer-readable storage medium, which stores a computer program, wherein the computer program, when executed by a processor, implements the steps of the kubernets-based cluster resource scheduling method.
Compared with the prior art, the invention has the following beneficial effects:
in this embodiment, based on a k8s platform, a cluster Node is divided into different resource pools by using tags and taints, a tenant is created to allocate tenant resources, a project is created to allocate project resources, a Namespace is created to allocate Namespace resources, meanwhile, resourceQuota is created to set a Namespace resource quota, a workload is created under the Namespace, a dynamic admission Webhook is deployed by using k8s resource Deployment, the Webhook monitors creation or update of a Pod, tag selection and taint tolerance are set for the Pod, the Pod is scheduled to a specific cluster Node according to the tag selection and the taint tolerance, overall scheduling and management of the cluster resources are realized, and the utilization rate of the cluster resources can be effectively improved.
Drawings
The following describes embodiments of the present invention in further detail with reference to the accompanying drawings.
Fig. 1 is a schematic diagram of a flow of a cluster resource scheduling method based on kubernets according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of a process of creating a resource pool, setting labels and taints of the resource pool, and pulling part of cluster nodes in a cluster into the resource pool according to an embodiment of the present invention;
fig. 3 is a schematic flowchart of a process of creating a tenant, allocating part of resources of a resource pool to the tenant, creating an item under the tenant as tenant resources, and allocating part of resources of the tenant to the item as item resources according to an embodiment of the present invention;
fig. 4 is a schematic flow diagram of creating a k8s resource Namespace under a project and allocating part of project resources to the Namespace according to the embodiment of the present invention;
fig. 5 is a schematic flow chart illustrating how to monitor creation or update of a Pod and set tag selection and stain tolerance of the Pod according to Namespace to which the Pod belongs by using dynamic admission control Webhook in k8s according to the embodiment of the present invention;
fig. 6 is a schematic diagram of a cluster resource scheduling system based on kubernets according to an embodiment of the present invention;
fig. 7 is a schematic hardware structural diagram of a computer device for cluster resource scheduling based on kubernets according to an embodiment of the present invention;
fig. 8 is a schematic diagram of a computer-readable storage medium for cluster resource scheduling based on kubernets according to an embodiment of the present invention.
In the figure: 701-a processor; 702-a storage; 703-computer instructions; 801-computer readable storage media; 802-computer program.
Detailed Description
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein, but rather construed as limited to the embodiments set forth herein.
The terminology used in the description of the one or more embodiments is for the purpose of describing the particular embodiments only and is not intended to be limiting of the description of the one or more embodiments. As used in this specification and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used in one or more embodiments of the present specification refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It will be understood that, although the terms first, second, etc. may be used herein in one or more embodiments to describe various information, these information should not be limited by these terms. These terms are only used to distinguish one type of information from another. For example, a first can also be referred to as a second and, similarly, a second can also be referred to as a first without departing from the scope of one or more embodiments of the present description. The word "if" as used herein may be interpreted as "at" \8230; "or" when 8230; \8230; "or" in response to a determination ", depending on the context.
The terms used in this embodiment are to be interpreted as follows:
cluster resources: all resources that can be allocated for use by a Pod include: CPU, internal memory, GPU core number, GPU video memory, cluster storage and the like;
pod: a Pod is the smallest deployable computing unit that can be created and managed in kubernets, which can include one or a set of containers;
namespace: the Namespace is a very important resource in a k8s system, and has the main function of realizing resource isolation of multiple environments or multi-tenant resource isolation; by default, all of the Pod's in the k8s cluster are mutually accessible. In practice, however, it may not be desirable to have mutual access between two Pod, and then the two Pod may be partitioned into different namespaces. k8s can form a logical group by distributing resources in the cluster to different Namespaces, so that the resources of different groups can be conveniently isolated, used and managed;
labeling: labels (Labels) are key-value pairs attached to kubernets objects such as Pods. By marking the cluster nodes with labels and then selecting the labels for the Pod, the Pod can be dispatched to the cluster nodes with the labels and use the resources on the cluster nodes;
and (3) stain: a taint is an attribute on a cluster Node, and only those Pod which tolerate the taint can be dispatched to the cluster Node for use. Taint and tolerance taint (tolerization) can be used to avoid Pod assignment to inappropriate cluster nodes. One or more taints may be included on each cluster node, indicating that for those pods that cannot tolerate such taints, they are not scheduled on that cluster node. The stain mainly comprises three attributes, key, value and effect;
the working load is as follows: the workload is an application running on kubernets. Workload is a further abstraction for better management of Pod, in kubernets load resources may be used instead of managing a set of pods, which is typically created by workloads. Built-in workload resources provided by kubernets include: deployment, repliaset, stateful set, daemonSet, job, and cron Job;
dynamic admission control: dynamic admission control is an HTTP or HTTPs callback mechanism for receiving and processing admission requests. The dynamic admission control includes two types, one is a verified admission control, namely validating admission webhook, and the second is a modified admission control, namely muttating admission webhook. Admission control of the modified nature will be invoked first, they can modify the k8s resource object to perform a custom modification, accompanied by a muttingaddissionwebhook;
resource quote: a k8s resource that provides a limit on the total amount of resource consumption per namespace. It may limit the total upper limit on the number of objects of a certain type in the namespace, as well as the total upper limit on the computational resources that may be used by a Pod in the command space. The resource Quota resource can limit the cluster resource amount used by Pod under Namespace, so as to realize the scheduling of resources;
mutatingWebHookconfiguration: a k8s resource is a configuration for dynamic admission control, and which k8s resources are dynamically configured to be processed by which admission Webhooks.
The embodiment of the invention requires to solve the following main technical problems:
the scheduling and management of the cluster resources at the Namespace level are provided in k8s, but for the whole cluster resources, the scheduling and management cannot be effectively carried out, so that the cluster resources cannot be effectively utilized.
In order to solve the above problem, an embodiment of the present invention provides a method for scheduling cluster resources based on kubernets, as shown in fig. 1, including the following steps:
s110: creating a resource pool, setting labels and taints of the resource pool, and pulling part of cluster nodes in a cluster into the resource pool;
s120: creating a tenant, and allocating cluster resources of part of cluster nodes in a resource pool to the tenant to become tenant resources;
the cluster resources are CPU, memory, GPU core number, GPU video memory, cluster storage and the like in the cluster nodes.
S130: creating a project under a tenant, and distributing partial tenant resources to the project to become project resources;
s140: creating a k8s resource Namespace under the project, and distributing partial project resources to the Namespace;
s150: creating a workload under the Namespace, and setting the cluster resource amount of a workload request;
the purpose of creating the workload is to: the working load can create Pod, the Pod can be dispatched to a certain cluster node in the resource pool according to the resource pool to which the Pod belongs, and the cluster resource of the corresponding resource pool is used, so that the aim of dispatching the cluster resource is fulfilled;
the cluster resource amount of the workload request is less than or equal to the Namespace available resource quota; when there is no available quota of cluster resources, the Namespace is no longer able to create a workload; the project quota can be reallocated to the Namespace to increase the available quota of the Namespace cluster resources;
s160: monitoring the creation or updating of the Pod by utilizing the dynamic access control in k8s, and setting the label selection and stain tolerance of the Pod according to the Namespace to which the Pod belongs;
s170: and the Pod is dispatched to the cluster node with the corresponding label and stain according to the label selection and the stain tolerance, and the cluster resource on the cluster node is used.
The embodiment can carry out integral scheduling and management on the cluster resources, and can effectively improve the utilization rate of the cluster resources.
As a preferred embodiment, creating a resource pool, setting labels and taints of the resource pool, and pulling part of cluster nodes in a cluster into the resource pool, as shown in fig. 2, specifically, the following manners may be adopted:
s111: creating a resource pool, and setting labels and taints of the resource pool;
the setting of the labels and the taints of the resource pools is artificial, and preferably, the labels and the taints of the resource pools should not be labels and taints contained in the cluster nodes. This is because if a cluster node that is not pulled into the resource pool contains the label and taint of the resource pool, a Pod may be dispatched to the cluster node, causing cluster resource management confusion;
s112, pulling part of cluster nodes in the cluster to the resource pool;
the cluster node in the cluster is a cluster node which does not belong to any resource pool and does not contain any stain, because if the cluster node which pulls the resource pool contains other stains, the Pod only tolerates the stain set by the resource pool during scheduling, and does not tolerate the original stain of the cluster node, so that the Pod cannot be scheduled on the cluster node containing the original stain, the resources on the cluster node cannot be used, and the resource waste is formed;
s113: and adding the label and the taint of the resource pool to all cluster nodes pulled into the resource pool.
As a preferred embodiment, the tenant is created, and the resource pool diversity group resource is allocated to the tenant to become the tenant resource; the project is created under the tenant, and part of resources of the tenant are distributed to the project to become project resources; as shown in fig. 3, the method specifically includes:
creating a tenant on the cluster management system, and distributing the cluster resources in the resource pool to the tenant to form tenant resources;
creating an item under the tenant, and distributing the tenant resource part to the item to become an item resource;
the tenant information and the tenant resource quota are stored in a system database, and resources allocated by the tenant come from a resource pool, so that the resource amount of the resource pool allocated by the tenant cannot be larger than the allocable resource amount of the resource pool;
the project information and the project resource quota are stored in the system database, and the resource allocated to the project comes from the tenant, so that the resource amount of the tenant allocated to the project cannot be larger than the resource amount allocable by the tenant.
As a preferred embodiment, the k8s resource Namespace is created under the project, and part of project resources are allocated to the Namespace; as shown in fig. 4, the process includes:
creating a k8s resource Namespace under a project;
creating a k8s resource ResourceQuota under the Namespace, and setting a cluster resource quota distributed to the Namespace;
setting the label and the taint of the resource pool to which the cluster resource quota belongs on the annotation of Namespace;
in the technical scheme provided by the embodiment of the invention, the label and the taint of the resource pool to which the cluster resource quota belongs are set on the annotation of Namespace, optionally, the information of the label, the taint and the Namespace is stored in a system database, the label and the taint are obtained from the system database by dynamic access control, and the label selection and the taint tolerance of Pod are set;
as a preferred embodiment, the creation or update of the Pod is monitored by using dynamic admission control in k8s, and the tag selection and stain tolerance of the Pod are set according to the Namespace to which the Pod belongs; as shown in fig. 5, the process includes:
creating a k8s resource, a multicast Webhook configuration, and configuring a Webhook address for dynamic admission control; the Webhook address configured for dynamic admission control specifically includes: setting a WebhookAPI interface path called when a Pod is created or updated;
the dynamic access control monitors the creation or updating of the Pod through an Application Programming Interface (API), and sets the tag selection and the taint tolerance of the Pod according to the tag and the taint in the Namespace annotation to which the Pod belongs; the method comprises the following specific steps: when the creation or the update of the Pod resource is monitored, acquiring a label and a stain of the bound resource pool through an annotation on Namespace, setting the label selection for the Pod and tolerating the stain as the label selection and the stain tolerance of the Pod;
optionally, the Webhook address configuring the dynamic admission control may be an HTTP protocol or an HTTPs protocol, and for the HTTPs protocol, unidirectional authentication or bidirectional authentication may be employed.
In order to implement the method, the second aspect of the present invention provides a cluster resource scheduling system based on kubernets. As shown in fig. 6, the system includes the following modules:
the user management module is used for authenticating the role and the authority of the user, and managing the tenant, the project in the system, and the tenant and the project to which the user belongs;
the resource management module is used for managing the tenant, the project, the cluster resource quota of the Namespace and the resource pool;
the Webhook module is used for monitoring the creation or updating of the k8s resource Pod, acquiring the label and the stain of the bound resource pool through the annotation on the Namespace, and setting label selection and stain tolerance for the Pod;
the user management module is configured to authenticate the role and the authority of the user based on RBAC (role-based authority control), authenticate the user by adopting a JWToken mode, and manage the tenant, the project, the Namespace, the cluster resource and the like which can be operated by the user;
the resource management module is configured to manage creation and scheduling of cluster resources, and includes: creating a resource pool, allocating tenant resources, allocating project resources, creating Namespace resources and the like;
the Webhook module is configured for monitoring the creation of the Pod and setting label selection and stain tolerance for the Pod according to the Namespace to which the Pod belongs; the Webhook module is deployed in a k8s resource Deployment mode, and exposure in a cluster is carried out in a Service mode;
based on a k8s platform, the Node is divided into different resource pools by using tags and taints, a tenant is created to allocate tenant resources, a project is created to allocate project resources, a Namespace is created to allocate Namespace resources, meanwhile, resourceQuota is created to set a Namespace resource quota, a workload is created under Namespace, a dynamic access Webhook is deployed by using k8s resource Deployment, the Webhook monitors the creation of a Pod, tag selection and taint tolerance are set for the Pod, the Pod is scheduled to a specific cluster Node according to the tag selection and the taint tolerance, the cluster resources are integrally scheduled and managed, and the utilization rate of the cluster resources can be effectively improved.
In view of the above object, in a third aspect of the present invention, a computer device is provided, which includes a memory and a processor, where the memory stores a computer program, and the processor executes the computer program to implement the steps of the kubernets-based cluster resource scheduling method. Which may be in the form of source code, object code, an executable file, or some intermediate form, among others.
Fig. 7 is a schematic hardware structural diagram of an embodiment of the kubernets-based cluster resource scheduling device according to the present invention.
The apparatus shown in fig. 7 includes, for example, a processor 701 and a memory 702.
The processor 701 and the memory 702 may be connected by a bus or other means, and fig. 7 illustrates the connection by a bus as an example.
The memory 702 is used as a non-volatile computer-readable storage medium for storing non-volatile software programs, non-volatile computer-executable programs and modules, which are used as the computer instructions 703, such as the program instructions/modules corresponding to the kubernets-based cluster resource scheduling method in the embodiment of the present invention. The processor 701 executes computer instructions 703 stored in the memory 702 to execute various functional applications of the server and data processing, i.e. to implement a kubernets-based cluster resource scheduling method of the above method embodiment.
The memory 702 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to use of a kubernets-based cluster resource scheduling method, and the like. Further, the memory 702 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some embodiments, memory 702 may optionally include memory located remotely from processor 701, which may be connected to local modules via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The present invention also provides a computer-readable storage medium storing a computer program which, when executed by a processor, performs the above kubernets-based cluster resource scheduling method.
Fig. 8 is a schematic diagram of an embodiment of a storage medium scheduled based on kubernets cluster resources according to the present invention. Taking the computer storage medium as shown in fig. 8 as an example, the computer readable storage medium 801 stores a computer program 802 that when executed by a processor performs the method as described above.
Finally, it should be noted that, as those skilled in the art can understand that all or part of the processes in the methods according to the embodiments described above can be implemented by instructing relevant hardware through a computer program, a program of a kubernets-based cluster resource scheduling method can be stored in a computer-readable storage medium, and when the program is executed, the processes in the embodiments of the methods described above can be implemented. The storage medium of the program may be a magnetic disk, an optical disk, a Read Only Memory (ROM), a Random Access Memory (RAM), or the like. The embodiments of the computer program may achieve the same or similar effects as any of the above-described method embodiments corresponding thereto.
A computer-readable storage medium, in which a computer program is stored, which, when executed by a processor, performs any one of the above methods.
More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wire segments, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
In the context of the present invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In contrast, in the present invention, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless section, wire section, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described device embodiments are merely illustrative, and for example, the division of the modules, or units is only one type of division of logical functions, and there may be other divisions in actual implementation, for example, multiple units, modules, or components may be combined or integrated into another device, or some features may be omitted, or not executed.
The units may or may not be physically separate, and components displayed as units may be one physical unit or a plurality of physical units, that is, may be located in one place, or may be distributed in a plurality of different places. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
In particular, according to the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer-readable medium, the computer program comprising program code for performing the method illustrated by the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication section, and/or installed from a removable medium. The computer program performs the above-described functions defined in the method of the present invention when executed by a Central Processing Unit (CPU). It should be noted that the computer readable medium of the present invention mentioned above can be a computer readable signal medium or a computer readable storage medium or any combination of the two. The computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The above description is only an embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.
Claims (9)
1. A cluster resource scheduling method based on kubernets is characterized by comprising the following steps:
creating a resource pool, setting labels and taints of the resource pool, and pulling part of cluster nodes in a cluster into the resource pool;
creating a tenant, and allocating cluster resources of part of cluster nodes in the resource pool to the tenant to become tenant resources;
creating a project under a tenant, and distributing partial tenant resources to the project to become project resources;
creating a Namespace under the project, and distributing partial project resources to the Namespace;
creating a workload under Namespace, setting the cluster resource amount of a workload request, and creating a group of Pod by the workload;
monitoring the creation or updating of the Pod by utilizing the dynamic access control in the K8s, and setting the label selection and stain tolerance of the Pod according to the Namespace to which the Pod belongs;
and the Pod is dispatched to the cluster node with the corresponding label and stain in the resource pool according to the label selection and the stain tolerance, and the cluster resource on the cluster node is used.
2. The method of claim 1, wherein creating a resource pool, setting labels and taints of the resource pool, and pulling part of cluster nodes in a cluster into the resource pool comprises the following steps:
creating a resource pool, and setting labels and taints of the resource pool;
pulling part of cluster nodes in the cluster into a resource pool;
and adding the label and the taint of the resource pool for all cluster nodes pulled into the resource pool.
3. The method of claim 1, wherein a Namespace is created under a project, and a part of project resources are allocated to the Namespace, and the method specifically comprises the following steps:
creating Namespace under the project;
creating ResourceQuota under Namespace, and setting a cluster resource quota distributed to Namespace;
and setting the label and the taint of the resource pool to which the cluster resource quota belongs on the annotation of Namespace.
4. The method as claimed in claim 1, wherein the creating or updating of Pod is monitored by using dynamic admission control in the cluster, and tag selection and stain tolerance of Pod are set according to Namespace to which the Pod belongs, and the method specifically includes the following steps:
creating a mutedgWebhookConfiguration, and configuring a Webhook address for dynamic admission control;
and the dynamic admission control monitors the creation or the update of the Pod through an application programming interface API (application programming interface), and sets the tag selection and the taint tolerance of the Pod according to the tag and the taint in the Namespace annotation to which the Pod belongs.
5. The method of claim 4, wherein the cluster resource scheduling method based on kubernets comprises:
the configuring of the Webhook address for dynamic admission control specifically includes: and setting a WebhookAPI interface path called when the Pod is created or updated.
6. The method for dispatching cluster resources based on kubernets according to claim 5, wherein the dynamic admission control monitors creation or update of a Pod through an application programming interface API, and sets tag selection and taint tolerance of the Pod according to tags and taint in a Namespace note to which the Pod belongs, and the method specifically comprises the following steps:
and the dynamic admission control monitors the creation or the update of the Pod through an application programming interface API, acquires the label and the stain of the bound resource pool through the annotation on the Namespace when monitoring the creation or the update of the Pod resource, sets label selection for the Pod and tolerates the stain as the label selection and the stain tolerance of the Pod.
7. A system for implementing the kubernets-based cluster resource scheduling method of any of claims 4-6, comprising:
the user management module is used for authenticating the role and the authority of the user, and managing the tenants and items in the system, and the tenants and items to which the user belongs;
the resource management module is used for managing the tenant, the project, the cluster resource quota of the Namespace and the resource pool;
and the Webhook module is used for monitoring the creation or update of the Pod, acquiring the tag and the stain of the bound resource pool through the annotation on the Namespace, and setting tag selection and stain tolerance for the Pod.
8. A computer device, comprising:
at least one processor;
and a memory storing a computer program, wherein the steps of the method of any one of claims 1-7 are implemented when the computer program is executed by the processor.
9. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210944014.3A CN115185697A (en) | 2022-08-08 | 2022-08-08 | Cluster resource scheduling method, system, equipment and storage medium based on kubernets |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210944014.3A CN115185697A (en) | 2022-08-08 | 2022-08-08 | Cluster resource scheduling method, system, equipment and storage medium based on kubernets |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115185697A true CN115185697A (en) | 2022-10-14 |
Family
ID=83522374
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210944014.3A Pending CN115185697A (en) | 2022-08-08 | 2022-08-08 | Cluster resource scheduling method, system, equipment and storage medium based on kubernets |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115185697A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20220342997A1 (en) * | 2021-04-22 | 2022-10-27 | International Business Machines Corporation | Assessing latent security risks in kubernetes cluster |
| CN115658311A (en) * | 2022-10-31 | 2023-01-31 | 北京百度网讯科技有限公司 | Resource scheduling method, device, equipment and medium |
-
2022
- 2022-08-08 CN CN202210944014.3A patent/CN115185697A/en active Pending
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20220342997A1 (en) * | 2021-04-22 | 2022-10-27 | International Business Machines Corporation | Assessing latent security risks in kubernetes cluster |
| US11704413B2 (en) * | 2021-04-22 | 2023-07-18 | International Business Machines Corporation | Assessing latent security risks in Kubernetes cluster |
| CN115658311A (en) * | 2022-10-31 | 2023-01-31 | 北京百度网讯科技有限公司 | Resource scheduling method, device, equipment and medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10193977B2 (en) | System, device and process for dynamic tenant structure adjustment in a distributed resource management system | |
| US10003500B2 (en) | Systems and methods for resource sharing between two resource allocation systems | |
| US10552161B2 (en) | Cluster graphical processing unit (GPU) resource sharing efficiency by directed acyclic graph (DAG) generation | |
| Yahia et al. | Comprehensive survey for cloud computing based nature-inspired algorithms optimization scheduling | |
| CN108182111B (en) | Task scheduling system, method and device | |
| US10394477B2 (en) | Method and system for memory allocation in a disaggregated memory architecture | |
| US9141433B2 (en) | Automated cloud workload management in a map-reduce environment | |
| CN105897805B (en) | Method and device for cross-layer scheduling of resources of data center with multi-layer architecture | |
| CN115185697A (en) | Cluster resource scheduling method, system, equipment and storage medium based on kubernets | |
| CN110209484B (en) | Credible cloud task scheduling system and method based on multiple clouds and security mapping | |
| US10691312B2 (en) | Placement of virtual machines on physical hosts based on collocation rules | |
| US11237862B2 (en) | Virtualized network function deployment | |
| US11467874B2 (en) | System and method for resource management | |
| US9015169B2 (en) | Tenant placement in multitenant cloud databases with data sharing | |
| US11263054B2 (en) | Memory-aware placement for virtual GPU enabled systems | |
| US11372683B2 (en) | Placement of virtual GPU requests in virtual GPU enabled systems using a requested memory requirement of the virtual GPU request | |
| US10395195B2 (en) | Provisioning virtual machines to optimize application licensing costs | |
| CN107562521B (en) | Resource management method and device | |
| CN111045802B (en) | Redis cluster component scheduling system and method and platform equipment | |
| US20180107513A1 (en) | Leveraging Shared Work to Enhance Job Performance Across Analytics Platforms | |
| US20190171487A1 (en) | Method, device, and computer readable medium for managing dedicated processing resources | |
| CN116097236A (en) | Scalable operators for automatic management of workloads in a hybrid cloud environment | |
| Liu et al. | KubFBS: A fine‐grained and balance‐aware scheduling system for deep learning tasks based on kubernetes | |
| CN110221910A (en) | Method and apparatus for executing MPI operation | |
| US9942083B1 (en) | Capacity pool management |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |